CRITICAL🇵🇱 Wersja polska

CVE-2023-0755

CVSS 9.8v3.1pub. 2023-02-23upd. 2024-11-21

The affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and remotely execute arbitrary code.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Ge Digital Industrial Gateway Server

    APP
    Ge
    ≤ 7.612
  • Ptc Kepware Server

    APP
    Ptc
    ≤ 6.12
  • Ptc Kepware Serverex

    APP
    Ptc
    ≤ 6.12
  • Ptc Thingworx Edge C Sdk

    APP
    Ptc
    ≤ 2.2.12.1052
  • Ptc Thingworx Edge Microserver

    APP
    Ptc
    ≤ 5.4.10.0
  • Ptc Thingworx Industrial Connectivity

    APP
    Ptc
    wszystkie wersje
  • Ptc Thingworx Kepware Edge

    APP
    Ptc
    ≤ 1.5
  • Ptc Thingworx .net Sdk

    APP
    Ptc
    ≤ 5.8.4.971
  • Rockwellautomation Kepserver Enterprise

    APP
    Rockwellautomation
    ≤ 6.12
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2023-5908CRITICAL9.1PL ✓ten sam produkt

Buffer overflow w KEPServerEX umożliwiający crash lub wyciek danych

CVE-2022-2848CRITICAL9.1ten sam produkt

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPS...

CVE-2022-2825CRITICAL9.8ten sam produkt

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPS...

CVE-2023-0754CRITICAL9.8ten sam produkt

The affected products are vulnerable to an integer overflow or wraparound, which could  allow an attacker to ...

CVE-2020-27267CRITICAL9.1ten sam produkt

KEPServerEX v6.0 to v6.9, ThingWorx Kepware Server v6.8 and v6.9, ThingWorx Industrial Connectivity (all versi...